Speed Dial gives you quick access to your favorite Web sites. Every time you open a new tab, you are presented with a 3x3 grid of thumbnails, each representing a Web address. To open a page, click on the corresponding thumbnail, or use the keyboard shortcuts. http://help.opera.com/Mac/10.50/en/speeddial.html

Speed dial "protect users" to direct XSS attacks, but the extensions used in Speed ??Dial, are not free of bugs and some of them are not safe. A remote attacker could compose special attacks, for abusing the functionality of these extensions in Speed Dial.

####################
Extensions for Gmail
####################

This two extenions show latest unread Emails from Gmail and are prone vulnerables to XSS & CSRF style atacks.

######
XSS:
######

If a attacker write a Email and in subject insert a html code it is executed in the extension.

######
XSRF:
######

If a attacker compose a Email with subject like
"><iframe src="https://mail.google.com/mail/?logout&hl=es"<>/iframe>
when the extension refresh content, it cause victim logout function.